[PCI-DSS] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number printed on the front or back of a payment card) used to verify card-not-present transactions.
[SIZE=3]
Note: See PCI DSS Glossary of Terms, Abbreviations, and Acronyms for additional information.[/SIZE]
3.2.2 For a sample of system components, verify that the three-digit or four-digit card-verification code or value printed on the front of the card or the signature panel (CVV2, CVC2, CID, CAV2 data) is not stored under any circumstance:
[ul]
[li]Incoming transaction data[/li][li]All logs (for example, transaction, history, debugging, error)[/li][li]History files[/li][li]Trace files[/li][li]Several database schemas[/li][li]Database contents[/li][/ul]